Drm landscape and online streaming
-
Upload
jasmeet-chhabra -
Category
Technology
-
view
1.534 -
download
6
description
Transcript of Drm landscape and online streaming
DRM LANDSCAPE AND ONLINE STREAMINGJasmeet (Jas) Chhabra
Outline• What is DRM?• DRM standards
• Microsoft Playready , Apple FairPlay , OMA DRM
• DRM Techniques• Streaming standards
• HTTP live stream, MPEG DASH etc.
• DRM content playback• Silverlight, Flash, HTML5 Premium Video Extensions
DRM: what is it?
• Digital rights management• Separates protected content and license rights.
• DRM may be viewed as content owner’s effort to exert “remote control” over content after it is delivered to the recipient
• Accomplished through cryptographic controls and controls on user platforms.
DRM : The reality
• Cryptography is necessary but not sufficient for DRM
• Cryptography was designed to deliver bits securely, not to protect them after they have been delivered. DRM is opposite of that.
• DRM will always suffer from analog hole• For example you can record music being played by using a microphone
Basic Terms
• Rights expression language: Defines rights and constraints on content
• License server: issues licenses• License: Contains keys to access content and use REL to express rights and constraints
• Secure player: Enforces the rules and constraints• Domain: Common group of devices that allow single domain license to be used. For example all of the devices in a household
Movie DRM standards for Disks• CSS (Content Scrambling System)
• Used for DVD.
• Advanced Access Content System (AACS)• Used for HD-DVD and blue Ray
Online Streaming services• Current
• Microsoft PlayReady• Apple Fairplay
• Future:• Lots of players planning to move to HTML5 DRM
• HTML5 Premium Video Extensions
This is our Focus
Other DRM technologies• OMA DRM: Used by operators for Ringtones, Music,
Wallpapers etc.
Relationship of various pieces
• DRM: Defines how to protect content• Streaming standards: Define how content can be streamed adaptively
• Player: Implementations of content viewer that include many DRM technologies and streaming standards
DRM: MICROSOFT PLAYREADY
Microsoft PlayReady
Packaging Server:Packages content for distribution
Microsoft PlayReady
Send appropriate data to various servers
Microsoft PlayReady
License Server:
• Stores rights info for clients.
• Provide content right licenses to the client
Quick Note: Domain
• A set of devices that belong to the same user
• They may share content based on the rights granted by the content owner.
• User may add or remove devices to the domain
Microsoft PlayReady
Domain Controller:Stores domain membership info
Microsoft PlayReady
Distribution Server:Distribute the actual content files
Microsoft PlayReady
PlayReady Clients:Clients that play the media
Microsoft PlayReady
Metering Server:Device maintains info on playback count etc.
Microsoft PlayReady: Business Models
• Subscription• Purchase• Pay per view• Rental : Time based• Gifting
Distribution options
• Download• Progressive Download
• Start playing when partially downloaded
• Streaming• Sideloading content from PC to mobile phone
• Sync PC content to mobile device
• Over the air distribution• Direct delivery over wireless network rather than sideloading
• Super Distribution• Send and share with other users over email, wireless etc.
DRM: APPLE FAIRPLAY
FairPlay Overview
• Apple’s closed format• Files are MP4 containers with an encrypted content• MP4 can handle audio, video, images, text and other
digital content
• User keys decrypt the master key for the content• iTunes server keeps track of domain info and allows up to 5 machines to be authorized.
• User keys are stored in key repository on the machine
DRM: OMA DRM
OMA DRM• OMA: Open Mobile Alliance: Consortium of various mobile
communication companies.• OMA DRM 2.0 provides complete end-to-end protection
system • Based on concept of separating the license and content• License is called Rights object (RO)• RO contains content encryption keys and basic usage
rules.• License is generally created for a particular device
OMA DRM Architecture / OperationRights
issuer (RI)
DRM Agent on Device
Content issuer
Usage rules +CEK
Rights object (RO)
Rights object acquisition protocol (ROAP)
HTTP,…
Protected Content
1
1. DRM client requests protected content2. Rights issuer handles generation and delivery of rights object.
• Rights object includes usage rules and a CEK.• If this is the first time RI and the device are communicating, RI also
performs an enrollment process.3. DRM agent on device decrypts CEK and enforces usage rules
2
3
Other OMA DRM Concept• Domain: Set of devices where content can be shared
• Super-distribution: separation of license and content allows content to be distributed through any channel.
• Subscription: Enables business models based on subscriptions service.
• Backup: Allows backup to external storage• Export: Enables export of OMA DRM content and rights to devices using other DRM protection.
DRM IMPLEMENTATION TECHNIQUES
DRM Techniques: Software Defense
• Goal: Make it harder to reverse engineer• Common Techniques
• Anti-Debug • Anti-Disassembly• Obfuscation• Guards: Tamper check parts of code• Combining proprietary crypto with the standard crypto algorithm • Using a combination of above is generally good.
• Arxan is one company that employs many of these techniques
DRM Technique: BOBE-Resistance
• Personalize each copy of software• Metamorphic software like Viruses
• Functionally equivalent software with different internal structure on each machine
• Update software in Real time
DRM Techniques: Hardware assisted
• ARM TrustZone• Discretix
ONLINE STREAMING
HTTP Live Streaming(HLS)
• Created by Apple• Used to distribute both live and on-demand files
• Used to adaptively stream • Widely supported : Microsoft, RealNetworks, Wowza, Akamai
• Exclusive way to deliver video in the apple ecosystem
HLS Overview
• Server: • Encode source into multiple files at different data rate• Each chunk should be short: 5-10 seconds• Load on http server with text based manifest fil3
(.m3u8)• Manifest directs the player to additional manifest files
for each of the encoded streams.
• Client:• Player adaptively selects the content chunks at different
bitrates depending on the bandwidth/network quality, buffer status, CPU utilization etc.
HLS server side : One Video file
IndexFile.m3u8
Alt Low index
Alt Med index
Alt High index
Low_01.ts
Low_02.ts
Low_03.ts
Med_01.ts
Med_02.ts
Med_03.ts
Hi_01.ts
Hi_02.ts
Hi_03.ts
MPEG DASH
• DASH: Dynamic adaptive streaming over HTTP
• Codec agnostic• Core adaptive streaming similar to HLS
• Manifest files and alternate stream urls.
• ISO standard• Not as well supported as HLS
Other online streaming standards
• HDS: HTTP Dynamic streaming• Used for Flash video
• HSS: HTTP smooth streaming• Microsoft standard• Part of IIS media server• Enables streaming media to Silverlight
PLAYERS
Silverlight & Flash
• Application frameworks for writing and running rich internet applications.
• Similar to each other• Silverlight : Microsoft• Flash: Adobe• Used to deliver video :
• SilverLight: Netflix, Amazon• Flash : Youtube
HTTP Premium Video Extensions
• Media Source extensions• Encrypted Media Extensions• Web Cryptography API (WebCrypto)
HTTP Premium Video Extensions :Media Source extensions
• Extends HTMLMediaElement to allow JavaScript to generate media streams for playback
• Allows streaming service to use CDN to download content and feed to video tag for playback
• Allows customized adaptive streaming
HTTP Premium Video Extensions :Encrypted Media Extensions
• Extends HTMLMediaElement providing APIs to control playback of protected content
• Provides standardized way from DRM systems to be used in browser• DRM standard agnostic
HTTP Premium Video Extensions :Web Cryptography API (WebCrypto)
• Defines an API for "basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.”
• Allows Server to encrypt and decrypt communication between javascript and itself
• Protects user data from inspection and tampring
Summary: Relationship of various pieces
• DRM: Defines how to protect content• Streaming standards: Define how content can be streamed adaptively
• Player: Implementations of content viewer that include many DRM technologies and streaming standards